Security
Headlines
HeadlinesLatestCVEs

Headline

RHSA-2022:1112: Red Hat Security Advisory: openssl security update

An update for openssl is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

  • CVE-2022-0778: openssl: Infinite loop in BN_mod_sqrt() reachable when parsing certificates
Red Hat Security Data
Open in Source
#vulnerability#web#linux#red_hat#nodejs#js#java#kubernetes

Skip to navigation Skip to main content

Utilities

  • Subscriptions
  • Downloads
  • Containers
  • Support Cases

Red Hat Customer Portal

Infrastructure and Management

  • Red Hat Enterprise Linux
  • Red Hat Virtualization
  • Red Hat Identity Management
  • Red Hat Directory Server
  • Red Hat Certificate System
  • Red Hat Satellite
  • Red Hat Subscription Management
  • Red Hat Update Infrastructure
  • Red Hat Insights
  • Red Hat Ansible Automation Platform

Cloud Computing

  • Red Hat OpenShift
  • Red Hat CloudForms
  • Red Hat OpenStack Platform
  • Red Hat OpenShift Container Platform
  • Red Hat OpenShift Data Science
  • Red Hat OpenShift Online
  • Red Hat OpenShift Dedicated
  • Red Hat Advanced Cluster Security for Kubernetes
  • Red Hat Advanced Cluster Management for Kubernetes
  • Red Hat Quay
  • Red Hat CodeReady Workspaces
  • Red Hat OpenShift Service on AWS

Storage

  • Red Hat Gluster Storage
  • Red Hat Hyperconverged Infrastructure
  • Red Hat Ceph Storage
  • Red Hat OpenShift Data Foundation

Runtimes

  • Red Hat Runtimes
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat Data Grid
  • Red Hat JBoss Web Server
  • Red Hat Single Sign On
  • Red Hat support for Spring Boot
  • Red Hat build of Node.js
  • Red Hat build of Thorntail
  • Red Hat build of Eclipse Vert.x
  • Red Hat build of OpenJDK
  • Red Hat build of Quarkus
  • Red Hat CodeReady Studio

Integration and Automation

  • Red Hat Process Automation
  • Red Hat Process Automation Manager
  • Red Hat Decision Manager

All Products

Issued:

2022-03-29

Updated:

2022-03-29

RHSA-2022:1112 - Security Advisory

  • Overview
  • Updated Packages

Synopsis

Important: openssl security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for openssl is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library.

Security Fix(es):

  • openssl: Infinite loop in BN_mod_sqrt() reachable when parsing certificates (CVE-2022-0778)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

For the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.

Affected Products

  • Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.1 ppc64le
  • Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.1 x86_64

Fixes

  • BZ - 2062202 - CVE-2022-0778 openssl: Infinite loop in BN_mod_sqrt() reachable when parsing certificates

Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.1

SRPM

openssl-1.1.1c-5.el8_1.1.src.rpm

SHA-256: d0234b268f06a166b72f91c9853389d05f89c59eb8211c5ad45c9fd6737568a4

ppc64le

openssl-1.1.1c-5.el8_1.1.ppc64le.rpm

SHA-256: 90a039c9753f556a908e5b1572494909460e1d70388a2d14c65c6ad561b81003

openssl-debuginfo-1.1.1c-5.el8_1.1.ppc64le.rpm

SHA-256: feb538ab49a75f049d4b9beeff3c629ece748b2ca69773d630ec8b05340359c1

openssl-debugsource-1.1.1c-5.el8_1.1.ppc64le.rpm

SHA-256: c7ad06c61beb402359357340551fcf9690ac42c02ea3753e641db9e9315d6c80

openssl-devel-1.1.1c-5.el8_1.1.ppc64le.rpm

SHA-256: 65ccf872ccb7366ec84d2dac18e079c1bde802fbfc9ff7fda5e9b4cc07fd1041

openssl-libs-1.1.1c-5.el8_1.1.ppc64le.rpm

SHA-256: a32745cb43a26b4fdcfc18c00e665d16fdc4f7cbdb47eb8fc0d863c0d8c0a5f8

openssl-libs-debuginfo-1.1.1c-5.el8_1.1.ppc64le.rpm

SHA-256: 5288c60ab72db46f93edec0090230b55240548b79ab477c82d5ea918138a4f62

openssl-perl-1.1.1c-5.el8_1.1.ppc64le.rpm

SHA-256: 0fefd37103b4717787a9fe81eb7394ba3aaafc74584c5adab058ba57083e1d59

Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.1

SRPM

openssl-1.1.1c-5.el8_1.1.src.rpm

SHA-256: d0234b268f06a166b72f91c9853389d05f89c59eb8211c5ad45c9fd6737568a4

x86_64

openssl-1.1.1c-5.el8_1.1.x86_64.rpm

SHA-256: 6849c1a5c8f10a9e98935bd25a22805c86fdd202b13aed012d72489473d270a1

openssl-debuginfo-1.1.1c-5.el8_1.1.i686.rpm

SHA-256: 31fe1cae1b62cc5f89390fda0b227fb669ed6942a6070a422de09db26bb28935

openssl-debuginfo-1.1.1c-5.el8_1.1.x86_64.rpm

SHA-256: 3ef1e66dc9a2fc63c034667016728029dfd3759a7f3b5f87adbaf0ce61d7821c

openssl-debugsource-1.1.1c-5.el8_1.1.i686.rpm

SHA-256: c1ef6cda719c0bc3f6aa9d18c09249f7235dcc5eac4d17fd744bf2a0db863248

openssl-debugsource-1.1.1c-5.el8_1.1.x86_64.rpm

SHA-256: f998dc2cb9dd7fe4e6449ba0be07124b2610d4dd811177de748a48592a3a8771

openssl-devel-1.1.1c-5.el8_1.1.i686.rpm

SHA-256: 61c39ca2f2ad52e34806fc673d0ba77180dafe834d328b4c7c79cb6b1f1b1fed

openssl-devel-1.1.1c-5.el8_1.1.x86_64.rpm

SHA-256: 4987f92084f89ee7fab095c7362face9bf35eba265f338b2cd7d44e4f1bf5eb7

openssl-libs-1.1.1c-5.el8_1.1.i686.rpm

SHA-256: b557ea679dce9a2b7a293f227b2e4b61222bb90b9600b73490233c20a5b9c616

openssl-libs-1.1.1c-5.el8_1.1.x86_64.rpm

SHA-256: c8fad3b2b9d48ac7b0456a3390113241e765bc825d2e85e9a03a8773b46fcd35

openssl-libs-debuginfo-1.1.1c-5.el8_1.1.i686.rpm

SHA-256: 97df35de299672bca9c537ad7ef204059c373533da9a9d1ce5e58d81fc639079

openssl-libs-debuginfo-1.1.1c-5.el8_1.1.x86_64.rpm

SHA-256: 65bcd2571b1e744cfbfb393adfaac3648099ea78129021c7b55e6158cb9b9b81

openssl-perl-1.1.1c-5.el8_1.1.x86_64.rpm

SHA-256: cfaec9a5260069f1385bc8ec41d046e0079d5e7442d467c39cf34814898048ea

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Red Hat Security Data: Latest News

RHSA-2023:5627: Red Hat Security Advisory: kernel security, bug fix, and enhancement update
Red Hat Security Data